We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"It can expand easily."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"Good performance, stability, and virtual domain ability."
"Fortinet FortiGate's ease of management is the most valuable feature."
"The network security and cloud security are most valuable."
"Very easy to use and navigate."
"I think cloud management is key. The cloud management and support are the two things that make the product great."
"The product is quite secure, easy to manage, and well-connected with other devices."
"WAN optimization is the best feature of the solution."
"To me, the analytics feature is one of the most valuable in Meraki MX. I also find that it has good usability as it's cloud-based. Another valuable feature of Meraki MX is that it's simple to use and it's user-friendly."
"MX is easy to manage, configure and install."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"It has a helpful feature for database troubleshooting issues."
"I like the tunneling part which we are using for the VOIP. We have various other sites where we connect via tunneling. The tunneling part is very fast and easy to implement."
"Sophos offers great disk encryption, anti protection, and the interface is very user-friendly."
"The security of Sophos XG is very good."
"The most valuable feature of Sophos XG is the VBM."
"Sophos XG Firewall is very usable, very easy to install, and very user friendly."
"Over the past two years, during the COVID pandemic, the VPN has helped us a lot."
"The SD-WAN feature stands out as the most valuable aspect."
"Content blocking for websites is the most valuable aspect of the solution."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"The cloud management and automation capability could be improved."
"The stability of Fortinet FortiGate could improve."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"Performance and technical support are the main issues with this solution."
"The solution could be more secure and stable."
"The stability could be a bit better."
"MX can only be managed via a web interface, but I'm accustomed to using a CLI or a graphical interface. I would also like to see more reporting features. It doesn't provide enough information for me to know precisely about some clients."
"We had minor issues with Meraki MX. We had a couple of RMAs, so that could be an area for improvement, but in terms of how the RMAs went, the turnaround time and getting those back into redeployment were quick. Another area for improvement in Meraki MX is that when you're scaling for multiple locations, you need to use the same model, but the model you'd need is only available for a short time. The specific model you require could be out of stock, or Meraki isn't making that model anymore, so Meraki should improve that."
"The current lead time is longer for Meraki MX, and it needs to be improved."
"Direct logging is something that can be introduced. In the absence of cloud management, the possibility of local configurations and on-premise logins becomes restricted. This limitation stands as a primary concern. When it comes to resolving issues, the inability to access login options hampers troubleshooting efforts. The stability is noteworthy; but when compared to alternative products, its stability is comparatively lower. Additionally, certain limitations are observed in terms of remote control. Price-wise, the solution stands out for its competitive and cost-effective nature compared to other alternatives. Operationally, it is user-friendly and requires minimal effort from administrators, making configuration hassle-free."
"We can’t access GUI management and CLI opening features when the Internet is unavailable."
"The product could incorporate tools like ThousandEyes into the system so we can see things directly."
"The product doesn't support route summarization and BGP dynamic routing protocol."
"It is very expensive."
"We recently did an upgrade on the Sophos XG firmware and we were surprised that after the upgrade, the automatic switch actually we were using did not work anymore."
"Sophos XG could improve Data Loss Prevention(DLP)."
"I would like to next release to be able to support on-premise deployment. The construction of the rules within the firewall could also use some improvement."
"The interface of Sophos XG could be improved. I would prefer the Sophos XG to have an interface for the technician who is setting it up similar to the Sophos SG. I felt the Sophos SG user interface was superior. however, in terms of the functionality of the product, Sophos XG is in many ways more powerful than the Sophos SG. I have no complaints about the quality of the product or the end result. For someone who has used both, I preferred the old interface to the new one."
"In the Sophos XG, the SD-WAN has all the rules done separately, such as net policy routing. In the previous version, they were all in a single rule and everything was done that way. The way it is now is difficult for us because we are not used to this newer version. The firewall rules should be easier to configure and create. Everything should be done with a single click."
"There should be web caching to improve bandwidth utilization. It should have a very good caching feature. That's because we are in a very poor continent, and the connectivity cost is very high. We have low bandwidth, and the intensive usage of bandwidth is not easy here in Africa. If they improve services for web caching, it would be better."
"We are facing some problems on this firmware version, version 18, that require improvement. We want to improve the email security because it doesn't give proper security with the data protection. Also, our clients are facing some problems where most of the sites which they're accessing are getting blocked. I want to improve those sites, that email security, and the data protection on the Firmware version 18."
"For the standard end user, self-based training is necessary. When you get into the Sophos XG firewall and try to start creating NAT rules, it can be a little cumbersome for a novice. It's pretty easy once you know how to do it, but it will be hard for anybody who doesn't have experience."
Meraki MX is ranked 3rd in Unified Threat Management (UTM) with 20 reviews while Sophos XG is ranked 7th in Firewalls with 38 reviews. Meraki MX is rated 7.8, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Great solution that can manage multiple devices (security, switches, APs, Cameras) with a single pane of glass". On the other hand, the top reviewer of Sophos XG writes "Secure, duel switch capabilities, and good support". Meraki MX is most compared with Cisco Secure Firewall, Palo Alto Networks NG Firewalls, Netgate pfSense, SonicWall NSa and SonicWall TZ, whereas Sophos XG is most compared with Netgate pfSense, OPNsense, Sophos XGS, Palo Alto Networks NG Firewalls and Cisco Secure Firewall. See our Meraki MX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).